From patchwork Wed Jun 24 15:42:17 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Heinrich Schuchardt X-Patchwork-Id: 242865 List-Id: U-Boot discussion From: xypron.glpk at gmx.de (Heinrich Schuchardt) Date: Wed, 24 Jun 2020 17:42:17 +0200 Subject: [PATCH 1/2] efi_loader: type of efi_secure_mode In-Reply-To: <20200624154218.7746-1-xypron.glpk@gmx.de> References: <20200624154218.7746-1-xypron.glpk@gmx.de> Message-ID: <20200624154218.7746-2-xypron.glpk@gmx.de> Variable efi_secure_mode is meant to hold a value of enum efi_secure_mode. So it should not be defined as int but as enum efi_secure_mode. Signed-off-by: Heinrich Schuchardt --- lib/efi_loader/efi_variable.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.27.0 diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c index e097670e28..4d275b23ce 100644 --- a/lib/efi_loader/efi_variable.c +++ b/lib/efi_loader/efi_variable.c @@ -27,7 +27,7 @@ enum efi_secure_mode { }; static bool efi_secure_boot; -static int efi_secure_mode; +static enum efi_secure_mode efi_secure_mode; static u8 efi_vendor_keys; #define READ_ONLY BIT(31) From patchwork Wed Jun 24 15:42:18 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Heinrich Schuchardt X-Patchwork-Id: 242867 List-Id: U-Boot discussion From: xypron.glpk at gmx.de (Heinrich Schuchardt) Date: Wed, 24 Jun 2020 17:42:18 +0200 Subject: [PATCH 2/2] efi_loader: size of secure boot variables In-Reply-To: <20200624154218.7746-1-xypron.glpk@gmx.de> References: <20200624154218.7746-1-xypron.glpk@gmx.de> Message-ID: <20200624154218.7746-3-xypron.glpk@gmx.de> The variables SetupMode, AuditMode, DeployedMode are explicitly defined as UINT8 in the UEFI specification. The type of SecureBoot is UINT8 in EDK2. Use variable name secure_boot instead of sec_boot for the value of the UEFI variable SecureBoot. Avoid abbreviations in function descriptions. Signed-off-by: Heinrich Schuchardt --- lib/efi_loader/efi_variable.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) -- 2.27.0 diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c index 4d275b23ce..6271dbcf41 100644 --- a/lib/efi_loader/efi_variable.c +++ b/lib/efi_loader/efi_variable.c @@ -185,17 +185,17 @@ static const char *parse_attr(const char *str, u32 *attrp, u64 *timep) /** * efi_set_secure_state - modify secure boot state variables - * @sec_boot: value of SecureBoot + * @secure_boot: value of SecureBoot * @setup_mode: value of SetupMode * @audit_mode: value of AuditMode * @deployed_mode: value of DeployedMode * - * Modify secure boot stat-related variables as indicated. + * Modify secure boot status related variables as indicated. * * Return: status code */ -static efi_status_t efi_set_secure_state(int sec_boot, int setup_mode, - int audit_mode, int deployed_mode) +static efi_status_t efi_set_secure_state(u8 secure_boot, u8 setup_mode, + u8 audit_mode, u8 deployed_mode) { u32 attributes; efi_status_t ret; @@ -204,8 +204,8 @@ static efi_status_t efi_set_secure_state(int sec_boot, int setup_mode, EFI_VARIABLE_RUNTIME_ACCESS | READ_ONLY; ret = efi_set_variable_common(L"SecureBoot", &efi_global_variable_guid, - attributes, sizeof(sec_boot), &sec_boot, - false); + attributes, sizeof(secure_boot), + &secure_boot, false); if (ret != EFI_SUCCESS) goto err;